Bug 1000079 - Don't let Windows overwrite length 0 strings. r=bsmedberg
authorJames Kitchener <jkitch.bug@gmail.com>
Thu, 24 Apr 2014 01:03:00 +0200
changeset 198594 05519890c1cc85202cdd998e42aba8abee5b58cb
parent 198593 60c2852b75eebd93838d787eff5cc44c7cecde1a
child 198595 2b2f0809d1c0cdeb230562426750fcb207285b30
push id3624
push userasasaki@mozilla.com
push dateMon, 09 Jun 2014 21:49:01 +0000
treeherdermozilla-beta@b1a5da15899a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbsmedberg
bugs1000079
milestone31.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1000079 - Don't let Windows overwrite length 0 strings. r=bsmedberg
toolkit/xre/nsXREDirProvider.cpp
--- a/toolkit/xre/nsXREDirProvider.cpp
+++ b/toolkit/xre/nsXREDirProvider.cpp
@@ -926,18 +926,18 @@ GetRegWindowsAppDataFolder(bool aLocal, 
   // The call to RegQueryValueExW must succeed, the type must be REG_SZ, the
   // buffer size must not equal 0, and the buffer size be a multiple of 2.
   if (res != ERROR_SUCCESS || type != REG_SZ || size == 0 || size % 2 != 0) {
     ::RegCloseKey(key);
     _retval.SetLength(0);
     return NS_ERROR_NOT_AVAILABLE;
   }
 
-  // |size| includes room for the terminating null character
-  DWORD resultLen = size / 2 - 1;
+  // |size| may or may not include room for the terminating null character
+  DWORD resultLen = size / 2;
 
   _retval.SetLength(resultLen);
   nsAString::iterator begin;
   _retval.BeginWriting(begin);
   if (begin.size_forward() != resultLen) {
     ::RegCloseKey(key);
     _retval.SetLength(0);
     return NS_ERROR_NOT_AVAILABLE;
@@ -946,16 +946,21 @@ GetRegWindowsAppDataFolder(bool aLocal, 
   res = RegQueryValueExW(key, (aLocal ? L"Local AppData" : L"AppData"),
                          nullptr, nullptr, (LPBYTE) begin.get(), &size);
   ::RegCloseKey(key);
   if (res != ERROR_SUCCESS) {
     _retval.SetLength(0);
     return NS_ERROR_NOT_AVAILABLE;
   }
 
+  if (!_retval.CharAt(resultLen - 1)) {
+    // It was already null terminated.
+    _retval.Truncate(resultLen - 1);
+  }
+
   return NS_OK;
 }
 
 static bool
 GetCachedHash(HKEY rootKey, const nsAString &regPath, const nsAString &path,
               nsAString &cachedHash)
 {
   HKEY baseKey;